back to article CCL Computers probing source of fake virus-riddled dispatch mail

Bradford-based reseller CCL Computers is investigating the origins of a fake dispatch email containing a virus that was today sent by a third party to at least a thousand of the firm's customers. The tracking details on the standard template were legitimate, say sources who received the mail, as they pointed to a genuine …

COMMENTS

This topic is closed for new posts.
  1. Dr?

    bad news

    Bad news for my favorite, nearest and most trusted hardware suppliers. They will still be my first port of call the next time I want to upgrade.

    1. PNGuinn
      Thumb Up

      Re: bad news

      Me too - those guys have given me superb service over the years. It's rare today to find a supplier who actually knows what it's selling and cares about what the customer actually WANTS.

  2. Spoonsinger

    I got it,

    but I never have bought anything from them. Weird.

    1. Dave Pickles

      Re: I got it,

      My version was from a host in Korea, sent to an email address I only ever used with an online storage provider. I've also never heard of CCL.

      1. Grease Monkey Silver badge

        Re: I got it,

        When I read the story my first thought was "how do they know it only went to CCL customers?" and my second thought was "if it only went to CCL customers there must have been a data breach."

        Well since it clearly didn't go only to CCL customers there was no data breach.

        The author needs to do a little fact checking before submitting copy.

  3. Anonymous Coward
    Anonymous Coward

    Well I just thought it was TAO at GCHQ!

    The quick analysis that I did in a virtual sandbox on OS X showed that my viral email from CCL appeared to come from an infected virginmedia.net consumer i.e. botnet, & the origin IP was listed as suspect on spamhaus.

    As I've never bought anything from Bradford I wildly guessed it was the tailored access operation boffins in Cheltenham up to their well-paid tricks again! after all - don't they control quite a few of the available botnets??

  4. Infernoz Bronze badge
    Facepalm

    Are these customers blind, it is a Very Common exploit spam tactic to spoof retailers now!

    I have an email rule just to move anything not caught by my Spam filter, and with specific attachment types (especially zip files) to my Trash folder, because 99.9% of them are fakes and exploits, but not to delete them straight away, so that I don't loose a rare valid email.

    Just a quick read of the Header details of these emails shows some quite pathetic give-aways, and the email body is often even more obvious!

    1. andy gibson

      Re: Are these customers blind, it is a Very Common exploit spam tactic to spoof retailers now!

      Its not a case of "customers being blind", some have reported that the tracking number is a legitimate one, and that some of the purchase order numbering details in the email match those that certain people use. Like the article says "It is not clear how the fraudsters got customer details from CCL's database".

      Yes, I get fake Amazon and Asda ones daily, which I delete without a second thought. What I don't want to see is my actual order numbers and tracking details being circulated in this way, it points less to being a random spoofing and more of their database being hacked and my details exposed.

      1. Grease Monkey Silver badge

        Re: Are these customers blind, it is a Very Common exploit spam tactic to spoof retailers now!

        "Like the article says "It is not clear how the fraudsters got customer details from CCL's database"."

        Except if you read further up it isn't just CCL customers who received the email so the spammers didn't get customer details from CCL's database. What they actually did was get hold of a genuine dispatch note and spam lots of people with their scam.

        I frequently get scam emails purporting to be from companies (often banks) with whom I have never dealt. It's not an uncommon tactic. Using legitimate looking dispatch note details is not something I've specifically come across before, but it's not a massive leap and would not require any breach of security in CCL's customer database.

  5. Alan J. Wylie

    Not a CCL data leak

    I got several copies of the e-mail, none to the unique address I use for CCL.

  6. tonym

    I don't think it is anything to do with CCL's database either. I received it on all the email addresses on my domain that usually get spammed, not just the one that I have used with CCL.

    This morning's very similar flood of spam was all from "Royal Mail".

  7. Catweazle666

    Amazon

    I have never had this problem when dealing with CCL.

    Amazon however is a different story altogether.

This topic is closed for new posts.

Other stories you might like